Joel Schectman writes: When your company gets attacked by hackers, how much do you tell the public and when? Often the answers are nothing and never, according to an attorney assisting Target Corp. with legal issues arising from its December data breach. There was little consensus on when companies should report data breaches among business executives and officials…
Category: Commentaries and Analyses
Pointer: Senate Commerce report on Target data breach
The Senate Committee on Commerce, Science, and Transportation released its report, “A “Kill Chain” Analysis of the 2013 Target Data Breach.” The report was prepared by the majority staff for Chairman Rockefeller.
More TD Bank insider breaches
On March 1, I blogged about numerous insider breaches TD Bank has reported in the past few years. I updated that report on March 9 with even more breaches that I uncovered via public records that were subsequently made available. Today, I received a response to a public records request to the North Carolina Attorney…
Rockefeller: Staff Report Details Target’s Missed Opportunities to Stop Massive Data Breach
Chairman John D. (Jay) Rockefeller IV today released a staff report titled, “A ‘Kill Chain’ Analysis of the 2013 Target Data Breach.” The report details how Target possibly failed to take advantage of several opportunities to prevent the massive data breach in 2013 when cyber criminals stole the financial and personal information of as many…
GAO: VA Needs to Address Long-Standing Challenges
Highlights from the GAO Report, “INFORMATION SECURITY: VA Needs to Address Long-Standing Challenges (GAO-14-469T): The Department of Veterans Affairs (VA) continues to face long-standing challenges in effectively implementing its information security program. Specifically, from fiscal year 2007 through 2013, VA has consistently had weaknesses in key information security control areas (see table). Control Weaknesses for…
U.S. notified 3,000 companies in 2013 about cyberattacks
Ellen Nakashima reports: Federal agents notified more than 3,000 U.S. companies last year that their computer systems had been hacked, White House officials have told industry executives, marking the first time the government has revealed how often it tipped off the private sector to cyberintrusions. The alerts went to firms large and small, from local…